Re: Digicert code-signing
On Thu, Jan 27, 2022 at 10:12 PM Mark Thomas wrote: > > Primarily for release managers. > > Your API key and certificate have expiry dates. By default this is a > year after you created them. The error message when they have expired > just indicates that the credentials are invalid. > > If you get unexpected signing errors - check the validity of your API > key and cert (you can do this through the DigiCert one web interface). Thanks for the reminder. It's best to go in and check it a little once in a while (I had forgotten about the website already ...) rather than be stuck in the middle of some early July release. Rémy - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Digicert code-signing
Primarily for release managers. Your API key and certificate have expiry dates. By default this is a year after you created them. The error message when they have expired just indicates that the credentials are invalid. If you get unexpected signing errors - check the validity of your API key and cert (you can do this through the DigiCert one web interface). Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65853] New: [CsrfPreventionFilter] Extract evaluation of skipNonceCheck into overridable method
https://bz.apache.org/bugzilla/show_bug.cgi?id=65853 Bug ID: 65853 Summary: [CsrfPreventionFilter] Extract evaluation of skipNonceCheck into overridable method Product: Tomcat 9 Version: 9.0.54 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: apa...@froehlich-mail.net Target Milestone: - Currently evaluation of skipNonceCheck is inlined into big doFilter() method. If I want to change behavior of this evaluation (enabling use of wildcards) I have to copy the whole class or at least the whole doFilter() method and reimplement it. If changes are made to the code, I have to reflect these changes in my copy. Bad idea! I suggest to extract this code into a separate method with at least protected visibility. if (Constants.METHOD_GET.equals(req.getMethod()) && entryPoints.contains(getRequestedPath(req))) { if(log.isTraceEnabled()) { log.trace("Skipping CSRF nonce-check for GET request to entry point " + getRequestedPath(req)); } skipNonceCheck = true; } Like this: protected boolean getSkipNonceCheck(HttpServletRequest request) throws IOException, ServletException { if (!Constants.METHOD_GET.equals(request.getMethod())) return true; if (!entryPoints.contains(getRequestedPath(request))) return false; return true; } doFilter() ... if (getSkipNonce(req)) { if(log.isTraceEnabled()) { log.trace("Skipping CSRF nonce-check for GET request to entry point " + getRequestedPath(req)); } skipNonceCheck = true; } ... Maybe some other details would deserve to be in their own (overridable) methods as well. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Fix el messages resource name
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 080a685 Fix el messages resource name 080a685 is described below commit 080a68535d9a402c9c6630e0937f5b3aa9b6c04e Author: remm AuthorDate: Thu Jan 27 16:26:37 2022 +0100 Fix el messages resource name --- modules/stuffed/tomcat-resource.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/stuffed/tomcat-resource.json b/modules/stuffed/tomcat-resource.json index f397816..96746e7 100644 --- a/modules/stuffed/tomcat-resource.json +++ b/modules/stuffed/tomcat-resource.json @@ -46,7 +46,7 @@ {"name":"org.apache.coyote.http11.filters.LocalStrings"}, {"name":"org.apache.coyote.http11.upgrade.LocalStrings"}, {"name":"org.apache.coyote.http2.LocalStrings"}, -{"name":"org.apache.el.Messages"}, +{"name":"org.apache.el.LocalStrings"}, {"name":"org.apache.jasper.resources.LocalStrings"}, {"name":"org.apache.naming.LocalStrings"}, {"name":"org.apache.naming.factory.LocalStrings"}, - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Expand Locale <-> charset mapping
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 1a67546 Expand Locale <-> charset mapping 1a67546 is described below commit 1a67546879d30131641d7a6aa6b86c34ef9f0b22 Author: Mark Thomas AuthorDate: Thu Jan 27 10:54:42 2022 + Expand Locale <-> charset mapping This particular mapping is now used by the TCK to test ServletReponse.setLocale() so we need this to pass those tests. --- java/org/apache/catalina/util/CharsetMapperDefault.properties | 1 + webapps/docs/changelog.xml| 5 + 2 files changed, 6 insertions(+) diff --git a/java/org/apache/catalina/util/CharsetMapperDefault.properties b/java/org/apache/catalina/util/CharsetMapperDefault.properties index 6f8bf49..d438bcf 100644 --- a/java/org/apache/catalina/util/CharsetMapperDefault.properties +++ b/java/org/apache/catalina/util/CharsetMapperDefault.properties @@ -15,3 +15,4 @@ en=ISO-8859-1 fr=ISO-8859-1 +ja=Shift_JIS diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 378380a..6d146f6 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -112,6 +112,11 @@ list of JARs to skip when scanning for TLDs, web fragments and annotations. (michaelo) + +Expand the default mappings used by +ServletResponse.setLocale() to include a mapping from the +ja locale to the Shift_JIS encoding. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Expand Locale <-> charset mapping
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new ad8d837 Expand Locale <-> charset mapping ad8d837 is described below commit ad8d837ea335928d74833509e4f96747b97b503b Author: Mark Thomas AuthorDate: Thu Jan 27 10:54:42 2022 + Expand Locale <-> charset mapping This particular mapping is now used by the TCK to test ServletReponse.setLocale() so we need this to pass those tests. --- java/org/apache/catalina/util/CharsetMapperDefault.properties | 1 + webapps/docs/changelog.xml| 5 + 2 files changed, 6 insertions(+) diff --git a/java/org/apache/catalina/util/CharsetMapperDefault.properties b/java/org/apache/catalina/util/CharsetMapperDefault.properties index 6f8bf49..d438bcf 100644 --- a/java/org/apache/catalina/util/CharsetMapperDefault.properties +++ b/java/org/apache/catalina/util/CharsetMapperDefault.properties @@ -15,3 +15,4 @@ en=ISO-8859-1 fr=ISO-8859-1 +ja=Shift_JIS diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 540c4ba..a40544d 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -112,6 +112,11 @@ list of JARs to skip when scanning for TLDs, web fragments and annotations. (michaelo) + +Expand the default mappings used by +ServletResponse.setLocale() to include a mapping from the +ja locale to the Shift_JIS encoding. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 10.0.x updated: Expand Locale <-> charset mapping
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.0.x by this push: new c2c57fb Expand Locale <-> charset mapping c2c57fb is described below commit c2c57fb17a3eaa8d4b89671fc36c03db511e79f3 Author: Mark Thomas AuthorDate: Thu Jan 27 10:54:42 2022 + Expand Locale <-> charset mapping This particular mapping is now used by the TCK to test ServletReponse.setLocale() so we need this to pass those tests. --- java/org/apache/catalina/util/CharsetMapperDefault.properties | 1 + webapps/docs/changelog.xml| 5 + 2 files changed, 6 insertions(+) diff --git a/java/org/apache/catalina/util/CharsetMapperDefault.properties b/java/org/apache/catalina/util/CharsetMapperDefault.properties index 6f8bf49..d438bcf 100644 --- a/java/org/apache/catalina/util/CharsetMapperDefault.properties +++ b/java/org/apache/catalina/util/CharsetMapperDefault.properties @@ -15,3 +15,4 @@ en=ISO-8859-1 fr=ISO-8859-1 +ja=Shift_JIS diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 303d8f7..2afd5bc 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -112,6 +112,11 @@ list of JARs to skip when scanning for TLDs, web fragments and annotations. (michaelo) + +Expand the default mappings used by +ServletResponse.setLocale() to include a mapping from the +ja locale to the Shift_JIS encoding. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch main updated: Expand Locale <-> charset mapping
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new eda77cd Expand Locale <-> charset mapping eda77cd is described below commit eda77cd88b84d6002d9efb818e6d3fbc241e2284 Author: Mark Thomas AuthorDate: Thu Jan 27 10:54:42 2022 + Expand Locale <-> charset mapping This particular mapping is now used by the TCK to test ServletReponse.setLocale() so we need this to pass those tests. --- java/org/apache/catalina/util/CharsetMapperDefault.properties | 1 + webapps/docs/changelog.xml| 5 + 2 files changed, 6 insertions(+) diff --git a/java/org/apache/catalina/util/CharsetMapperDefault.properties b/java/org/apache/catalina/util/CharsetMapperDefault.properties index 6f8bf49..d438bcf 100644 --- a/java/org/apache/catalina/util/CharsetMapperDefault.properties +++ b/java/org/apache/catalina/util/CharsetMapperDefault.properties @@ -15,3 +15,4 @@ en=ISO-8859-1 fr=ISO-8859-1 +ja=Shift_JIS diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 2bac183..6684bf9 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -112,6 +112,11 @@ list of JARs to skip when scanning for TLDs, web fragments and annotations. (michaelo) + +Expand the default mappings used by +ServletResponse.setLocale() to include a mapping from the +ja locale to the Shift_JIS encoding. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65851] New: DefaultServlet.checkIfNoneMatch return 400
https://bz.apache.org/bugzilla/show_bug.cgi?id=65851 Bug ID: 65851 Summary: DefaultServlet.checkIfNoneMatch return 400 Product: Tomcat 8 Version: 8.5.75 Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: jamesx...@163.com Target Milestone: If header contains If-None-Match,response will send error(HttpServletResponse.SC_BAD_REQUEST),because EntityTag.compareEntityTag always false examples: If-None-Match: W/"43812-1643093925000" // RFC 7232 requires weak comparison for If-None-Match headers Boolean matched = EntityTag.compareEntityTag(new StringReader(headerValue), true, resourceETag); if (matched == null) { if (debug > 10) { log("DefaultServlet.checkIfNoneMatch: Invalid header value [" + headerValue + "]"); } response.sendError(HttpServletResponse.SC_BAD_REQUEST); return false; } -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org